Grindr Investigates Alleged Data Breach After Hacker Claims to Sell 15M User Records
A hacker operating under the alias nilojeda has claimed to breach Grindr’s entire customer database, offering over 15 million user records for sale on an underground forum. The alleged dataset includes sensitive information such as usernames, display names, full names, emails, password hashes, phone hashes, gender and sexual orientation details, and dates of birth. The hacker posted the offer on June 2, pricing the data at $400 in cryptocurrency and providing a sample for verification.
Grindr, however, has denied any evidence of unauthorized access. A company spokesperson stated that their investigation found no credible proof of a breach, adding that the legitimacy of the claim remains unclear. The app, which serves nearly 15 million active users across 190 countries, is headquartered in West Hollywood, the Bay Area, Chicago, and New York.
The threat actor, nilojeda, first appeared on the forum on May 29 and has also claimed breaches of Hinge’s database and a collection of Spanish contacts. Grindr, a widely used dating platform within the queer community, continues to assess the situation as security researchers monitor the claims.
Source: https://www.cyberdaily.au/security/13707-no-backdoor-shenanigans-grindr-denies-data-breach-claims
Hinge TPRM report: https://www.rankiteo.com/company/hinge-app
Grindr TPRM report: https://www.rankiteo.com/company/grindr
"id": "hingri1780885491",
"linkid": "hinge-app, grindr",
"type": "Breach",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '15 million',
'industry': 'Technology / Social Networking',
'location': ['West Hollywood',
'Bay Area',
'Chicago',
'New York'],
'name': 'Grindr',
'size': 'Large (15 million active users)',
'type': 'Dating Platform'}],
'data_breach': {'data_encryption': 'Password and phone hashes (encryption '
'status unclear)',
'data_exfiltration': 'Allegedly sold on underground forum',
'number_of_records_exposed': '15 million',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (PII and sensitive personal '
'details)',
'type_of_data_compromised': ['Usernames',
'Display names',
'Full names',
'Emails',
'Password hashes',
'Phone hashes',
'Gender and sexual orientation '
'details',
'Dates of birth']},
'date_detected': '2024-06-02',
'date_publicly_disclosed': '2024-06-02',
'description': 'A hacker operating under the alias *nilojeda* has claimed to '
'breach Grindr’s entire customer database, offering over 15 '
'million user records for sale on an underground forum. The '
'alleged dataset includes sensitive information such as '
'usernames, display names, full names, emails, password '
'hashes, phone hashes, gender and sexual orientation details, '
'and dates of birth.',
'impact': {'brand_reputation_impact': 'Potential reputational damage',
'data_compromised': '15 million user records',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential regulatory violations'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain',
'references': [{'date_accessed': '2024-06-02',
'source': 'Underground forum post by *nilojeda*'}],
'regulatory_compliance': {'regulations_violated': ['Potential GDPR violations '
'(if EU users affected)',
'Potential CCPA violations '
'(if California users '
'affected)']},
'response': {'communication_strategy': 'Public denial of breach evidence'},
'threat_actor': 'nilojeda',
'title': 'Alleged Data Breach of Grindr User Records',
'type': 'Data Breach'}